package top.kuxiao.crmserver.intercepor;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.HandlerInterceptor;
import top.kuxiao.crmserver.pojo.IUser;
import top.kuxiao.crmserver.utils.Auth;
import top.kuxiao.crmserver.utils.CookieUtil;
import top.kuxiao.crmserver.utils.JWTUtil;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.lang.reflect.Method;

/**
 * <p>
 * 登录拦截器
 * </p>
 *
 * @author xiaozhang
 * @since 2022-01-12
 */
@Component
public class LoginInterceptor implements HandlerInterceptor {

    @Autowired
    JWTUtil jwtUtil;

    @Autowired
    CookieUtil cookieUtil ;

    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {

        response.setContentType("application/json;charset=utf-8");

        //1.拦截器中的跨域访问设置
        response.setHeader("Access-Control-Allow-Origin","*");
        response.setHeader("Access-Control-Allow-Headers","*");
        response.setHeader("Access-Control-Allow-Methods","*");





        if (cookieUtil.ifTokenToObject(request)){
            //把token转换为登录对象
            String role = cookieUtil.getRole(request);
            //找到登录对象
            if (role!=null){
                //把登录用户的信息保存在请求中
                request.setAttribute("role",role);

                if (handler instanceof HandlerMethod){
                    HandlerMethod handlerMethod = (HandlerMethod) handler;
                    //method就是正在请求的方法
                    Method method = handlerMethod.getMethod();
                    //判断是否方法上有@Auth注解
                    if (method.isAnnotationPresent(Auth.class)){
                        // 获取到注解
                        Auth annotation = method.getAnnotation(Auth.class);
                        // 获取到注解的value值
                        String value = annotation.value();
                        //注解中的value值包含登录角色的名字
                        if (value.contains(role)){
                            return true;
                        }else {
                            response.getWriter().println("没有该权限");
                            return false;
                        }
                    }else {
                        if ("AM".equals(role)){
                            return true;
                        }
                        response.getWriter().println("没有该权限");
                        return false;


                    }
                }
            }

        }

//        System.out.println("进入拦截器");

        //2.获取请求数据（把localStorage中保存的登录相关数据，ajax的时候，以headers的方式发送到服务器端）



        String role = cookieUtil.getRole(request);



        if (role != null && !"".equals(role)){
            //表示保存了登录信息

            //不在展示
            return true;
        }

        response.getWriter().println("{\"msg\":\"noLogin\"}");
        return false;
    }

}
